A malicious flood of network traffic temporarily knocked Internet registrar GoDaddy’s servers offline Monday — taking with it the site, its email, and thousands, potentially millions of websites registered through one of the Internet’s most popular services.
A Twitter user quickly claimed credit for the incident. Anup Ghosh, chief scientist with security company Invincea, described it as a distributed denial of service (DDoS) attack.
“This is yet another example of how anyone with an agenda can take down large portions of the Internet with really cheap, off-the-shelf tools,” Ghosh told FoxNews.com.
GoDaddy should be protected against such a simple web assault — a DDoS attack involves an overwhelming flood of communication that a server can’t keep up with, but it can be orchestrated with as few as 50 computers.
That an Internet service which hosts more than 5 million websites wasn’t protected reveals a surprising truth: The Internet is still startlingly vulnerable to such an attack.
“Anyone can be hacked, the size of the company has no bearing on it all,” Ghosh said.
Twitter user Anonymous Own3r claimed credit for the attack, and was quick to distance himself from the hacking collective that goes by a similar name.
“It is not Anonymous collective it’s only me. Don’t use Anonymous collective name on it, just my name,” he wrote, shortly after claiming responsibility.
In broken English filled with typos, he explained his justification for the attack.
“I’m taking godaddy down bacause well i’d like to test how the cyber security is safe and for more reasons that i can not talk now.”
GoDaddy quickly acknowledged the problem online, writing on Twitter that it was “working feverishly” to resolve the matter in a timely fashion.
“We’re aware of the trouble people are having with our site. We’re working on it,” GoDaddy explained in a simple Tweet Monday afternoon. Within two hours, the company claimed to be making progress.
“Update: Still working on it, but we’re making progress. Some service has already been restored. Stick with us.”
GoDaddy’s own site came back into service late Monday afternoon. But Ghosh and Invincea are particularly sensitive to the problem; as a GoDaddy customer, his site is down.
“Our website is down, any emails sent to Invincea aren’t going to make it.”
By taking down the servers at just a single key service providers, those responsible took down a lot of properties, he noted. And infrastructure needs to be made less vulnerable to these types of attacks.
“The bar is low to implement these types of attacks. It doesn’t take a lot,” he said.